Routing DNS between VLANs
I have two VLANs: VLAN 1 and VLAN 30.
I have a DNS server sitting in Vlan 30 - x.x.30.100
I have a GSLB device listening in Vlan 1 - x.x.11.66
From a Linux box in the .11 network I can perform a dig on the GSLB device x.x.11.66 and get the expected A record.
From the DNS (BIND9) server running in VLAN 30, if I do a dig I get a server fail back from .66, but I don't see any packets hitting the .66 box from the 30.100 device.
I have made sure there are bidirectional rules on both the VLAN 1 network to the VLAN 30 network and on the VLAN 30 network to the VLAN 1 network.
From a packet capture on the 11.66 device, ping works from 30.100 to 11.66; I see request and reply as expected via. Tried a telnet from 30.100 on port 80 and see the port 80 traffic.
Seems to be isolated to DNS.
Any thoughts? It's probably something easy that I'm missing.
-
So you have two segments, and on one segment you point the device DNS to a server on the other VLAN? If you did that, the DNS services will be intercepted and it will stay within Firewalla. See this: https://help.firewalla.com/hc/en-us/articles/360062551673-How-to-run-an-external-pi-hole-with-Firewalla
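
One way to check for the interception described in the reply above, as an added example that is not part of the thread: send the same query to the real DNS target and to a control address, and see who answers. The control address is an assumption (any routable IP on the far VLAN that is known to run no DNS service), and the function names are illustrative.

```python
import socket, struct, secrets, sys

def build_query(name, qtype=1):
    """Return (txid, packet) for a minimal recursive DNS query (A record by default)."""
    txid = secrets.randbits(16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", qtype, 1)  # class IN

def probe(server, name, port=53, timeout=2.0):
    """Send one UDP query; return the reply's RCODE, or None if nothing valid came back."""
    txid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, port))  # connected socket: ICMP unreachable surfaces as an error
            s.send(packet)
            data = s.recv(512)
        except OSError:  # timeout or port unreachable
            return None
    if len(data) < 12:
        return None
    rid, flags = struct.unpack("!HH", data[:4])
    if rid != txid or not flags & 0x8000:  # wrong transaction ID or not a response
        return None
    return flags & 0x000F  # 0 = NOERROR, 2 = SERVFAIL, 3 = NXDOMAIN

def classify(target_rcode, control_rcode):
    """Interpret the two probes. The control address is assumed to run no DNS service."""
    if control_rcode is not None:
        return "intercepted"  # something on the path answered for a host that has no resolver
    if target_rcode is None:
        return "no-reply"     # query or reply dropped: check rules for UDP/TCP 53
    return "direct"           # only the real server answered

def check(target, control, name, port=53, timeout=2.0):
    return classify(probe(target, name, port, timeout), probe(control, name, port, timeout))

if __name__ == "__main__":
    # usage: script.py <dns-server-ip> <control-ip-without-dns> <name>
    print(check(sys.argv[1], sys.argv[2], sys.argv[3]))
```

A result of "intercepted" matches the symptom in the question: a SERVFAIL that appears to come from .66 while the capture on .66 shows no DNS packets arriving.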